CVE-2002-0054

Sažetak

SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.

Reference

http://marc.info/?l=bugtraq&m=101501580409373&w=2
http://www.securityfocus.com/bid/4205
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-011

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-04-2020 - 13:46

Objavljeno

08-03-2002 - 05:00